RE: Vpn Connections.
- From: Dan Williams <dcbw redhat com>
- To: New Acct <zeruelx hotmail com>
- Cc: Martinsson Patrik <patrik martinsson smhi se>, networkmanager-list gnome org
- Subject: RE: Vpn Connections.
- Date: Tue, 28 Oct 2008 11:06:09 -0400
On Tue, 2008-10-28 at 08:43 +0000, New Acct wrote:
>
> ----------------------------------------
> > Subject: Re: Vpn Connections.
> > From: dcbw redhat com
> > To: paul xelerance com
> > Date: Mon, 27 Oct 2008 13:01:28 -0400
> > CC: patrik martinsson smhi se; networkmanager-list gnome org
> >
> > On Mon, 2008-10-27 at 12:34 -0400, Paul Wouters wrote:
> >> On Mon, 27 Oct 2008, Martinsson Patrik wrote:
> >>
> >>> How does NetworkManagaer handle the import of cisco pcf file ?
> >>> What im really interested in is if it uses all the settings i have in that file ?
> >>
> >> Openswan has a pcf2os.pl script on contrib/ that can convert pcf files to openswan
> >> config files. However, the pcf file can contain an obfuscated group PSK. I don't know
> >> if anyone ever wrote a proper deobfuscation program. There used to be something at
> >> http://femto.cs.uiuc.edu/~sbond/vpnc/ which basically amounted to running the
> >> cisco client through ltrace -i and read it from a memcpy statement.
> >
> > It's been completely handled now, vpnc ships a 'cisco-decrypt' in the
> > tarball which doesn't depend on the binary cisco client. There are some
> > patches awaiting my review that will automatically decrypt the group
> > password on import.
> >
> > Dan
>
> In fact, it's even easier. vpnc runs a web form to decode encrypted group password. You just have to type in the encrypted password and click decode:
> http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
Um, that's sort of insecure :)
Seriously, /usr/bin/cisco-decrypt is the easiest solution by far. If
you have vpnc installed, you have cisco-decrypt (or else your distros
vpnc maintainer should be shot). You don't even need network access for
it, and your group secret doesn't escape outside your machine.
Dan
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]